<?php
/* -------------------------------------------------------------------------------------
* 	ID:						$Id: security_check.php 11 2013-09-21 11:43:11Z phone.mueller@googlemail.com $
* 	Letzter Stand:			$Revision: 11 $
* 	zuletzt geaendert von:	$Author: siekiera $
* 	Datum:					$Date: 2013-09-21 11:43:11 +0000 (Sat, 21 Sep 2013) $
*
* 	SEO:mercari by Siekiera Media
* 	http://www.seo-mercari.de
*
* 	Copyright (c) since 2011 SEO:mercari
* --------------------------------------------------------------------------------------
* 	based on:
* 	(c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
* 	(c) 2002-2003 osCommerce - www.oscommerce.com
* 	(c) 2003     nextcommerce - www.nextcommerce.org
* 	(c) 2005     xt:Commerce - www.xt-commerce.com
*
* 	Released under the GNU General Public License
* ----------------------------------------------------------------------------------- */

defined('_VALID_XTC') or die('Direct Access to this location is not allowed.');

$file_warning = '';
if(file_exists(DIR_FS_CATALOG.'includes/configure.php')) {
	if (!strpos(decoct(fileperms(DIR_FS_CATALOG.'includes/configure.php')), '444')) {
		$file_warning .= '<br />'.DIR_FS_CATALOG.'includes/configure.php';
	}
}
if(file_exists(DIR_FS_ADMIN.'includes/configure.php')) {
	if (!strpos(decoct(fileperms(DIR_FS_ADMIN.'includes/configure.php')), '444')) {
		$file_warning .= '<br />'.DIR_FS_ADMIN.'includes/configure.php';
	}
}

$payment_check = $db->db_query("SELECT configuration_value FROM ".TABLE_CONFIGURATION." WHERE configuration_key = 'MODULE_PAYMENT_INSTALLED'");
$shipping_check = $db->db_query("SELECT configuration_value FROM ".TABLE_CONFIGURATION." WHERE configuration_key = 'MODULE_SHIPPING_INSTALLED'");

if ($file_warning != '' || $folder_warning != '' || (empty($payment_check->fields['configuration_value'])) || (empty($shipping_check->fields['configuration_value']))) {
?>
	<div class="warning_container">
		<div class="warning_head color-red">
			<h3><?php echo TEXT_WARNING; ?></h3>
		</div>
		<div class="warning">
			<div class="warning_content">
				<table class="dataTable" width="100%" cellpadding="8">
					  <?php
						if ($file_warning != '') {
							echo '<tr>';
							echo '	<td>'.WARNING_IMAGE.'</td>';
							echo '	<td>'.TEXT_FILE_WARNING.'<b>'.$file_warning.'</b></td>';
							echo '	<td>&nbsp;</td>';
							echo '</tr>';
						}
						if (empty($payment_check->fields['configuration_value'])) {
							echo '<tr>';
							echo '	<td>'.WARNING_IMAGE.'</td>';
							echo '	<td style="text-align: left;">'.TEXT_PAYMENT_ERROR.'</td>';
							echo '	<td style="text-align: right;"><a href="modules_payment.php?'.getMenuID('modules_payment').'">'.TEXT_PAYMENT.'</a></td>';
							echo '</tr>';
						}
						if (empty($shipping_check->fields['configuration_value'])){
							echo '<tr>';
							echo '	<td>'.WARNING_IMAGE.'</td>';
							echo '	<td style="text-align: left;">'.TEXT_SHIPPING_ERROR.'</td>';
							echo '	<td style="text-align: right;"><a href="modules_shipping.php?'.getMenuID('modules_shipping').'">'.TEXT_SHIPPING.'</a></td>';
							echo '</tr>';
						}
						?>
				</table>
			</div>
		</div>
	</div>
<?php } ?>